A new set of wide-ranging measures to build strong cybersecurity in the European Union is on the table. The European Commission has proposed the creation of an EU Cybersecurity Agency to assist member states in dealing with cyber-attacks, as well as a new European certification scheme that will ensure that products and services in the digital world are safe to use.

When we create an application whitelist we are doing what?
A: Make a list of allowed applications.
B: Making a list of prohibited applications.
C: Making a list of all applications.
D: Making a list of all of our own developed applications.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer

A: Application whitelisting: We can whitelist the applications we want to allow to run on our environments, but it can also be compromised. We would whitelist against a trusted digital certificate, a known hash or path and name, the latter is the least secure, an attacker can replace the file at the path with a malicious copy.

Equifax website is apparently hacked

Equifax website is apparently hacked

Equifax has taken part of its website offline after a security analyst said clicking a link on the site sent him to a malicious URL. Separately, a top Republican congressman introduced a bill that would stop credit reporting firms from using Social Security numbers to identify Americans.

A high-ranking Department of Justice official took aim at encryption of consumer products today, saying that encryption creates “law-free zones” and should be scaled back by Apple and other tech companies. Instead of encryption that can’t be broken, tech companies should implement “responsible encryption” that allows law enforcement to access data, he said.

These can all be used in IPSec except which concept?
A: AH.
B: ESP.
C: SA.
D: DR.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer

D: IPSEC (Internet Protocol Security): Set of protocols that provide a cryptographic layer to IP traffic (IPv4 and IPv6). It uses AH (Authentication Header) to provide authentication and integrity for each packet. ESP (Encapsulation Security Payload) which provides confidentiality and SA (Security Association) which is a simplex one-way communication (Like a walkie talkie).Can be used to negotiate ESP or AH parameters.

For the last few years, the Internet of Things (IoT) has been getting a lot of hype even though the concept has not been a new one. In fact IoT has been around for a long time, but in subtler way. IoT has revolutionized several industries including the IT industry, marketing, health care, education, agriculture and plenty more. IoT is not a complicated thing at all – it means conne…